๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Intermediate

What is Rate Limiting?

A technique that controls the number of requests a client can make to a server within a specified time period.

Rate limiting protects APIs and services from abuse, DDoS attacks, and excessive usage. Common approaches include fixed window (X requests per minute), sliding window (smoother distribution), and token bucket (burst-friendly) algorithms.

Implementation can be per-user, per-IP, or per-API-key. HTTP response headers (X-RateLimit-Limit, X-RateLimit-Remaining, Retry-After) communicate limits to clients. Redis is commonly used to track request counts.

Related Terms

Webhook Signature Verification
A security mechanism that verifies webhook payloads are authentic and unmodified using cryptographic signatures.
XSS (Cross-Site Scripting)
An attack that injects malicious scripts into web pages viewed by other users, potentially stealing data or session tokens.
JWT (JSON Web Token)
A compact, self-contained token format used for securely transmitting information between parties as a JSON object.
SAST (Static Application Security Testing)
Automated analysis of source code to find security vulnerabilities without executing the application.
Secret Management
The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.
Brute Force Attack
An attack method that systematically tries all possible combinations of passwords or keys until the correct one is found.
View All Security Terms โ†’